failure to connect on Slackware

Recommended Posts

I've been using AirVPN with no problems for some time, running on a router. But when I try and set it up on my desktop instead, it won't connect. Using Network Manager, giving it the .ovpn file to "Import as a saved VPN configuration", it authenticates ok and appears to be connected, but is not in fact. When I try manually by doing

sudo openvpn Air*.ovpn

the connection fails after authentication with the following messages:

There is no "ip" application on my system or in the Slackware repositories. However, I get the same error with another VPN provider when connecting on the command line, but their service works (intermittently) with Network Manager's openvpn plugin.

If openvpn is run without root privileges, the connection fails just before:

Apparently, the non-existent "ip" application requires root privileges. The other VPN provider fails in exactly the same way without them, so this is not a problem specific to the provider, it is something to do with my Linux setup.

The failure to connect using the NM GUI is quite possibly entirely unrelated. Ideally, I'd like to be able to do it both ways.

Share this post

Link to post

Zhang, thanks, that immediately plugged the leak, without even the need to reconnect. But I would like to understand a bit better what I have done here. What is that IP? Is it linked specifically to AirVPN, or would it work with any VPN provider to stop the leak? And how did Vodafone (whose 3G service I am currently using as a stopgap) manage to get that in there? If I deleted it, would I be unable to connect to their service?

When testing for DNS leaks, sometimes I see e.g. Google servers, is this ok or is that a leak too? That is, do I just want to not see any results from my own ISP, and anything else is ok? On www.dnsleaktest.com, it says something that seems to suggest the opposite (only the VPN's server is ok):

If you are connected to a VPN service and ANY of the servers listed above are not provided by the VPN service then you have a DNS leak and are choosing to trust the owners of the above servers with your private data.

I tried using 208.67.222.222 (OpenDNS server) instead of 10.4.0.1, would that also be effective?

I will read up on nameserver, DNS and resolv.conf, but I would still be very grateful for any pointers you can give me.

Share this post

Link to post

there are no DNS leaks in GNU/Linux. If your system queries for example OpenDNS while the system is connected to some VPN server, the DNS queries will be anyway tunneled up to the VPN servers, before going to OpenDNS servers. Nothing to do with DNS leaks which plague systems with incomplete DNS implementation (for example WIndows).

However, and obviously, if your system sends the queries to the router DNS server, then the handling of such queries becomes a matter of the router, which may "forward" them out in clear text to the DNS set in the router itself. Again, this is not a GNU/Linux DNS leak.

Share this post

Link to post

NaDre, thanks once again, that's a useful tool. It also gives that same IP, but locates it in Manchester rather than London, mentioning my 3G provider rather than a government ministry. I wonder which is correct? DNS results are associated with openDNS rather than the AirVPN one, which presumably only works if you are coming through the VPN. Here is my current /etc/resolv.conf: